Apply now »

Cybersecurity - Penetration Tester

Location:  Brussels
Other locations:  Primary Location Only
Salary: Competitive
Date:  18-Jan-2022

Job description

Requisition ID:  172525

About Us


We are a team of 55+ Cybersecurity and Privacy professionals that helps organizations address the challenges on cybersecurity and privacy in a way that is in line with their business strategy.

We provide independent and impartial assistance in IT and business in industry and government organizations. Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills to support our clients and to growth their own career.


Our Belgian practice is part of an EMEIA and Global cyber competency that holds over 7.000 cyber experts. We are one of the 63 Advanced Security Centers globally.


Our team is organized based on five core cyber capabilities that drive our go-to-market.


  • Cyber Strategy and Resilience: Evaluate and improve our clients’ cybersecurity and resiliency program in context of the business growth and operations strategies.
  • Offensive Security: Penetration testing and Red Teaming, identifying weaknesses in our clients’ IT and Technology environment.
  • Defensive Security: Blue Teaming. Handle security incidents with our clients, co-operating their Cyber Security Incident Response Team (CSIRT), working with Cyber Threat Intelligence and running our 24/7 Incident Response service.
  • Cloud Security: Build security in our clients’ cloud solutions with focus on Security Orchestration, Automation & Response (SOAR).
  • Digital Identify and Trust Services: Advise and certify Public Key Infrastructure (PKI) of Trust Service Providers (TSP) and Certificate Authorities (CA) in the context EU eIDAS regulation.


The opportunity


We have ambitious plans to expand our market leading Cybersecurity practice. We continue to build our Cybersecurity practice and are looking for strong individuals with experience and expertise in cyber, more specifically in the domain of Offensive Security.


You will join a team of experts providing cybersecurity services to a wide range of clients in industry and government, both nationally and internationally. You will lead or deliver pentesting and Red Teaming engagements. Depending on your level of experience also develop and support our go-to-market and solutions in this domain.


By joining us now you will be part of our exciting growth strategy where you will get the opportunity to shape your career it in line with your own interests and aspirations.


Your key responsibilities


Taking into account your experience and maturity, your involvement will vary from assisting in delivering these projects, acting as a subject matter expert or leading a team towards excellent client experience. Furthermore, you may be involved in pro-actively identifying and pursuing opportunities for further business and team growth.


You will lead or execute penetration testing or Red Teaming exercises including identifying and exploiting security vulnerabilities in our clients’ IT and Technology environment using our established methodology, tools and rules of engagements.


  • Perform intelligence gathering, vulnerability identification and analysis in a wide array of IT environments to identify vulnerabilities and potential attack paths resulting in privilege escalation and remote code execution vulnerabilities on client infrastructure.
  • Perform in-depth analysis of penetration testing results and create a penetration testing report that describes findings, exploitation procedures, risks and recommendations.
  • Conduct security research to devise new attack techniques.
  • Stay current with the latest exploits and security trends.
  • Develop custom software tools / scripts to assist in compromising IT infrastructure and applications.
  • Ability to work both independently as well as lead a team of technical testers on penetration testing engagements.
  • Provide technical leadership and advise to junior team members on attack and penetration test engagements.
  • Convey complex technical security concepts to technical and non-technical audiences, including executives. 




  • You have a Bachelor's or Master’s degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering or a related major
  • You have relevant experience in penetration testing or Red Teaming and experience in working independently or as part of a large team to delivery cybersecurity services on its own or within large complex projects.
  • Experience may include IT infrastructure, web application, API, mobile applications, wireless, social engineering, container security, cloud technologies.
  • You are familiar with the latest exploits, tactics, techniques and procedures (TTP), vulnerability remediation and security trends.
  • You have knowledge of Windows, Linux, Unix, MacOS, Android, iOS and any other major operating systems.
  • You have understanding and experience with various Active Directory attack techniques.
  • You understand of TCP/IP protocol, network security and popular attack vectors.
  • You understand of web-based application vulnerabilities (OWASP Top 10).
  • You have experience in using vulnerability scanning tools (e.g. Nessus, Sqlmap, nmap, Burpsuite Pro, ZAP, etc.) and with scripting / programming skills (e.g., Python, PowerShell, Java, Perl, Ruby etc).
  • Possession of relevant qualifications: CEH, OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN, or similar are an asset.
  • You are able to communicate effectively with both IT and business people about information security matters.
  • You have an analytical mindset, strive for quality and are able to work in a result-oriented environment.
  • Fluent in either Dutch or French - Professional knowledge of English


Our Offer


A career with EY is not comparable with any other. With us, your competencies and your areas of interest will determine your future, so we offer you:


  • A strong team with ambitious growth, which will allow you to work with prominent national and global organizations
  • A clear career path and the opportunity to shape your own career
  • A dynamic working environment, working with our experts on hot cyber topics
  • Challenging project journeys and a position with a high degree of autonomy and responsibility
  • An environment that continuously stimulates personal development, provides extensive trainings and renowned certifications
  • Flexible working arrangements, support for a good work-life balance
  • A competitive remuneration package

Apply now »